Fix TLS 1.3 CCM

CMakeLists.txt

@@ -764,7 +764,7 @@ endif()
 #
 set(CPACK_PACKAGE_NAME "GmSSL")
 set(CPACK_PACKAGE_VENDOR "GmSSL develop team")
-set(CPACK_PACKAGE_VERSION "3.2.0-dev.1055")
+set(CPACK_PACKAGE_VERSION "3.2.0-dev.1056")
 set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md)
 set(CPACK_NSIS_MODIFY_PATH ON)
 include(CPack)

include/gmssl/version.h

@@ -18,7 +18,7 @@ extern "C" {
 
 
 #define GMSSL_VERSION_NUM	30200
-#define GMSSL_VERSION_STR	"GmSSL 3.2.0-dev.1055"
+#define GMSSL_VERSION_STR	"GmSSL 3.2.0-dev.1056"
 
 int gmssl_version_num(void);
 const char *gmssl_version_str(void);

src/tls13.c

@@ -1222,7 +1222,6 @@ int tls13_send(TLS_CONNECT *conn, const uint8_t *data, size_t datalen, size_t *s
 		const uint8_t *iv;
 		uint8_t *seq_num;
 		size_t padding_len = 0;
-		size_t record_datalen;
 
 		int request_update = 0;
 
@@ -1275,9 +1274,14 @@ int tls13_send(TLS_CONNECT *conn, const uint8_t *data, size_t datalen, size_t *s
 
 
 		tls13_padding_len_rand(&padding_len);
-		if (tls13_gcm_encrypt(key, iv,
-			seq_num, TLS_record_application_data, data, datalen, padding_len,
-			conn->record + 5, &record_datalen) != 1) {
+		if (tls_record_set_application_data(conn->plain_record, &conn->plain_recordlen,
+			data, datalen) != 1) {
+			error_print();
+			return -1;
+		}
+		if (tls13_record_encrypt(conn->cipher_suite, key, iv,
+			seq_num, conn->plain_record, conn->plain_recordlen, padding_len,
+			conn->record, &conn->recordlen) != 1) {
 			error_print();
 			return -1;
 		}
@@ -1285,11 +1289,6 @@ int tls13_send(TLS_CONNECT *conn, const uint8_t *data, size_t datalen, size_t *s
 
 		ret = 1;
 
-		tls_record_set_type(conn->record, TLS_record_application_data);
-		tls_record_set_protocol(conn->record, TLS_protocol_tls12);
-		tls_record_set_data_length(conn->record, record_datalen);
-
-		conn->recordlen = 5 + record_datalen;
 		conn->record_offset = 0;
 		conn->send_state = TLS_state_send_record;
 

tests/tls13test.c

@@ -97,9 +97,11 @@ static int test_tls13_gcm(void)
 	return 1;
 }
 
-#ifdef ENABLE_AES_CCM
+#if defined(ENABLE_AES_CCM) || defined(ENABLE_SM4_CCM)
 static int test_tls13_ccm(void)
 {
+	const BLOCK_CIPHER *cipher;
+	int cipher_suite;
 	BLOCK_CIPHER_KEY block_key;
 	uint8_t key[16];
 	uint8_t iv[12];
@@ -116,6 +118,14 @@ static int test_tls13_ccm(void)
 	rand_bytes(iv, sizeof(iv));
 	rand_bytes(record + 5, 40);
 
+#ifdef ENABLE_AES_CCM
+	cipher = BLOCK_CIPHER_aes128();
+	cipher_suite = TLS_cipher_aes_128_ccm_sha256;
+#else
+	cipher = BLOCK_CIPHER_sm4();
+	cipher_suite = TLS_cipher_sm4_ccm_sm3;
+#endif
+
 	record[0] = TLS_record_handshake;
 	record[1] = TLS_protocol_tls12 >> 8;
 	record[2] = TLS_protocol_tls12 & 0xff;
@@ -123,16 +133,16 @@ static int test_tls13_ccm(void)
 	record[4] = 40;
 	recordlen = 5 + 40;
 
-	if (block_cipher_set_encrypt_key(&block_key, BLOCK_CIPHER_aes128(), key) != 1) {
+	if (block_cipher_set_encrypt_key(&block_key, cipher, key) != 1) {
 		error_print();
 		return -1;
 	}
-	if (tls13_record_encrypt(TLS_cipher_aes_128_ccm_sha256, &block_key, iv,
+	if (tls13_record_encrypt(cipher_suite, &block_key, iv,
 		seq_num, record, recordlen, padding_len, enced_record, &enced_recordlen) != 1) {
 		error_print();
 		return -1;
 	}
-	if (tls13_record_decrypt(TLS_cipher_aes_128_ccm_sha256, &block_key, iv,
+	if (tls13_record_decrypt(cipher_suite, &block_key, iv,
 		seq_num, enced_record, enced_recordlen, buf, &buflen) != 1) {
 		error_print();
 		return -1;
@@ -142,6 +152,71 @@ static int test_tls13_ccm(void)
 		return -1;
 	}
 
+#ifndef WIN32
+	{
+		TLS_CTX ctx;
+		TLS_CONNECT conn;
+		tls_socket_t fds[2];
+		uint8_t data[40];
+		size_t sentlen;
+		uint8_t recv_record[256];
+		size_t recv_recordlen;
+		uint8_t decrypt_seq_num[8] = {0};
+		const uint8_t *decrypt_data;
+		size_t decrypt_datalen;
+		tls_ret_t n;
+
+		memset(&ctx, 0, sizeof(ctx));
+		memset(&conn, 0, sizeof(conn));
+		rand_bytes(data, sizeof(data));
+
+		if (socketpair(AF_UNIX, SOCK_STREAM, 0, fds) != 0) {
+			error_print();
+			return -1;
+		}
+		conn.ctx = &ctx;
+		conn.is_client = 1;
+		conn.sock = fds[0];
+		conn.cipher_suite = cipher_suite;
+		memcpy(conn.client_write_iv, iv, sizeof(iv));
+		if (block_cipher_set_encrypt_key(&conn.client_write_key, cipher, key) != 1) {
+			error_print();
+			return -1;
+		}
+		if (tls13_send(&conn, data, sizeof(data), &sentlen) != 1 || sentlen != sizeof(data)) {
+			error_print();
+			return -1;
+		}
+		if ((n = tls_socket_recv(fds[1], recv_record, TLS_RECORD_HEADER_SIZE, 0)) != TLS_RECORD_HEADER_SIZE) {
+			error_print();
+			return -1;
+		}
+		recv_recordlen = tls_record_length(recv_record);
+		if (recv_recordlen > sizeof(recv_record)) {
+			error_print();
+			return -1;
+		}
+		if ((n = tls_socket_recv(fds[1], recv_record + TLS_RECORD_HEADER_SIZE,
+			recv_recordlen - TLS_RECORD_HEADER_SIZE, 0)) != (tls_ret_t)(recv_recordlen - TLS_RECORD_HEADER_SIZE)) {
+			error_print();
+			return -1;
+		}
+		if (tls13_record_decrypt(cipher_suite, &block_key, iv,
+			decrypt_seq_num, recv_record, recv_recordlen, buf, &buflen) != 1) {
+			error_print();
+			return -1;
+		}
+		if (tls_record_get_application_data(buf, &decrypt_data, &decrypt_datalen) != 1
+			|| decrypt_datalen != sizeof(data)
+			|| memcmp(decrypt_data, data, decrypt_datalen) != 0) {
+			error_print();
+			return -1;
+		}
+		tls_socket_close(fds[0]);
+		tls_socket_close(fds[1]);
+	}
+#endif
+
 	printf("%s() ok\n", __FUNCTION__);
 	return 1;
 }
@@ -711,7 +786,7 @@ int main(void)
 {
 	if (test_tls_ext() != 1) goto err;
 	if (test_tls13_gcm() != 1) goto err;
-#ifdef ENABLE_AES_CCM
+#if defined(ENABLE_AES_CCM) || defined(ENABLE_SM4_CCM)
 	if (test_tls13_ccm() != 1) goto err;
 #endif
 	if (test_tls13_supported_versions_ext() != 1) goto err;